From: "Michael S. Tsirkin" <mst@redhat.com>
To: Stefan Hajnoczi <stefanha@redhat.com>
Cc: elena.reshetova@intel.com, virtio-dev@lists.oasis-open.org,
virtualization@lists.linux.dev
Subject: Re: Using packed virtqueues in Confidential VMs
Date: Thu, 16 Nov 2023 17:26:42 -0500 [thread overview]
Message-ID: <20231116172507-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <20231116200245.GA336841@fedora>
On Thu, Nov 16, 2023 at 03:02:45PM -0500, Stefan Hajnoczi wrote:
> Hi Elena,
> You raised concerns about using packed virtqueues with untrusted devices at
> Linux Plumbers Conference. I reviewed the specification and did not find
> fundamental issues that would preclude the use of packed virtqueues in
> untrusted devices. Do you have more information about issues with packed
> virtqueues?
>
> I also reviewed Linux's virtio_ring.c to look for implementation issues. One
> thing I noticed was that detach_buf_packed -> vring_unmap_desc_packed trusts
> the fields of indirect descriptors that have been mapped to the device:
>
> flags = le16_to_cpu(desc->flags);
>
> dma_unmap_page(vring_dma_dev(vq),
> le64_to_cpu(desc->addr),
> le32_to_cpu(desc->len),
> (flags & VRING_DESC_F_WRITE) ?
> DMA_FROM_DEVICE : DMA_TO_DEVICE);
>
> This could be problematic if the device is able to modify indirect descriptors.
> However, the indirect descriptor table is mapped with DMA_TO_DEVICE:
>
> addr = vring_map_single(vq, desc,
> total_sg * sizeof(struct vring_packed_desc),
> DMA_TO_DEVICE);
>
> There is no problem when there is an enforcing IOMMU that maps the page with
> read-only permissions but that's not always the case. Software devices (QEMU,
> vhost kernel, or vhost-user) usually have full access to guest RAM.
Not with encrypted memory.
> They can
> cause dma_unmap_page() to be invoked with arguments of their choice (except for
> the first argument) by modifying indirect descriptors.
> I am not sure if this poses a danger since software devices already have access
> to guest RAM, but I think this code is risky. It would be safer for the driver
> to stash away the arguments needed for dma_unmap_page() in memory that is not
> mapped to the device.
>
> Other than that, I didn't find any issues with the packed virtqueue
> implementation.
>
> Stefan
next prev parent reply other threads:[~2023-11-16 22:26 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-16 20:02 Using packed virtqueues in Confidential VMs Stefan Hajnoczi
2023-11-16 22:26 ` Michael S. Tsirkin [this message]
2023-11-20 10:13 ` Reshetova, Elena
2023-11-20 11:02 ` Stefan Hajnoczi
2023-11-20 12:29 ` Michael S. Tsirkin
2023-11-21 11:02 ` Reshetova, Elena
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231116172507-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=elena.reshetova@intel.com \
--cc=stefanha@redhat.com \
--cc=virtio-dev@lists.oasis-open.org \
--cc=virtualization@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).